Re: [exim] Exim process stack 100% CPU?

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Mateusz Krawczyk
Datum:  
To: Jeremy Harris
CC: exim-users
Betreff: Re: [exim] Exim process stack 100% CPU?
I'm not able to repeat this situation. I have tried different scenarios
using openssl s_client. I get the same log message, the same ciphers etc.
but everything works fine.
The problem is connected (hopefully) with one particular server (owned by
some hosting company) and as I think, compromised user account which is
sending spam messages to auto-generated e-mail addresses.

Thank you,
Mateusz

2018-03-08 12:36 GMT+01:00 Jeremy Harris via Exim-users <exim-users@???
>:


> On 07/03/18 09:19, Mateusz Krawczyk via Exim-users wrote:
> >> Also, please run "exim -d -bV" and give the initial output, down
> >> as far as the "WHITELIST_D_MACROS" line (we're mainly interested in
> >> the library versions).
>
> OK, OpenSSL 1.0.1e. Given the "handling TLS incoming connection"
> status, I'm guessing it's looping around tls_refill(), meaning
> that there's a debug_printf() that should show. Is this a
> situation you can easily repeat? If so, run with debug
> enabled (either from cmdline or enabled by ACL - which means
> you can target a known connection source) to verify my guess.
>
> The loop, if present, would imply that the errorhandling is
> wrong in that routine. I'd have thought that a zero syscall
> read() return (as seen in your strace) would result in
> some non-SSL_ERROR_NONE return from SSL_read() but...
> --
> Cheers,
> Jeremy
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>